Video Screencast Help
Security Community Blog
Showing posts tagged with 11.x
Showing posts in English
Mohammad Altaf Khan | 15 Aug 2012 | 1 comment

 

(Reuters) - Saudi Arabian Oil Co (Saudi Aramco) SDABO.UL said its computer systems had been shut down by a virus late on Wednesday, but it added that production had not been affected.

"An official source of Saudi Aramco confirmed that it had isolated electronic systems for the entire company today and cut off external access as an early precaution," said a statement in Arabic from the company.

The world's biggest oil company said that although the virus affected some computers, it did not penetrate key components of the network, which it said would return to normal operating mode soon.

"The source ... reiterated the lack of any effect at all on the work of production due to the strength of advanced protection systems," the statement added.

Rumours had spread among traders earlier on Wednesday that the state-owned company had been subjected to a hacking attack.

(Reporting By Reem Shamseddine and Angus McDowall...

AR Sharma | 28 May 2012 | 5 comments

Just now 'The Flame', the most powerful malware till date has been identified. Again, we must say that calling 'The Flame' a malware is insult for 'The Flame'.

When security community can call Stuxnet- the first cyber weapon, then 'The Flame' should be called as first nuclear cyber weapon.

'Flame' is the 20 times more complex than Stuxnet. Antivirus companies took 6 months to analyze Stuxnet. Imagine how much time and effort would be required to analyze 'The Flame'

'Flame' is massive and most likely targeted for Iran and Isreal.

Once the PC is infected with 'Flame', it steals all info including password, traffic, image, audio and keystrokes.

In the group of malware, 'Flame' joins the elite club along with Stuxnet and Duqu.

'Flame' is the sophisticated attack toolkit. When fully deployed, it's over 20 Mb in size. Such a huge size is due to many different...

Chetan Savade | 15 May 2012 | 0 comments

Hello Everyone,

Tips to improve performance, speed & security.

5 tips for PC health: Organize your folders, update Windows, run antivirus software

Working on a slow, disorganized computer can be frustrating. Read on for organization tips and guidelines to keep your PC on the right track using tools built in to the Windows operating system.

1. Organize your folders

2. Clean up your hard disk

3. Use System Restore

4. Keep Windows and Microsoft Office up-to-date

5. Run antivirus software and a spyware detection and removal tool

Reference : http://bit.ly/JywScP

Speed up your PC

A badly fragmented hard drive will bring even a top-of-the-line new computer to a grinding halt. Learn how a preventive maintenance plan can keep your Windows PC running smoothly and swiftly.

...

Sushanta | 03 May 2012 | 0 comments

Hi,

I want to implement Split Tunneling for VPN Users in my Enterprise. While I do that I do want to have a restricted policy for the VPN users when they are off network and connected remotely. At the same time I do want to have the same policy applied to the users when they are on the network directly from office location.

Please suggest me the best practices. If anybody has implemented in any of their companies. Please help.

 

Thanks,

Sushanta

Sumit G | 21 Apr 2012 | 0 comments

SmcService is not getting Start up(For Window - XP).

 

Problem

Window could not start the “Symantec Management Client” Service.

 

 

 

Symptoms

When try to startup the service. Error Display on screen (Error 1053: The service did not respond to the start or control request in timely fashion)

 

Cause

This problem is occurring due to some Symantec service effect.

 

Solution

  • Go to Run
  • Open the Services.msc.
  • Under the Services. Double click on “Symantec Management Client”.
  • Go to Logon Tab.

 

  • Uncheck the “Allow service to interact with desktop”.

...

AR Sharma | 15 Mar 2012 | 1 comment

Recently, major vulnerabilities in Microsoft remote desktop protocol (RDP) is identified and patch by Microsoft is released. These vulnerabilities are categorized as 'critical' by all security forums. All organizations, whether small, medium or large are sensitized and working on patch deployment and/or workaround for fixing the same.

Patch deployment (especially in desktops) is a substantial activity. This may take days or even weeks or more to get completed.

So, the question arises that- what to do to immediately re-mediate the threat while keeping the business as usual? Answer lies in the fact that how to identify the users using RDP and patching those users' machine on priority. And rest all machines can be taken care of in due course.

There could be many workaround. One of them could be using SEP host based firewall. Using SEP host based firewall policy, incoming RDP connection can be blocked. This policy can be applied to all clients in almost...

Sumit G | 03 Feb 2012 | 2 comments

Problem

Need to set the password to disable Smc service

 

Cause

For the Security Purpose required to Set the password

 

Solution

Go to SEPM.

Login Console with Admin Id.

Go client Tab and then choose the Group where you want to set the password.

Under that Group choose the policy TAB.

Click on General Setting then tab on Security Setting.

There four option avail

Check the "Require a password to stop the client service"

Enter the passwor that have mention on right hand side of the security tab.

Then ok and then right click on that Group and update the content.

It will set the password to...

AR Sharma | 21 Jan 2012 | 4 comments

What actually happens in a war? We tend to destroy airports, bridges, refineries, power plants, nuclear plants etc. These are basics for the economy of any country. How much do we spend in war? billions of dollars!

Stuxnet- a Malware, exploited many vulnerabilities of SCADA system, and destroyed Iran's nuclear power plant. It sent Iran's nuclear power plant 6-7 years behind. All this was done without any socio-economic disturbance. No war fought. No loss of lives. SCADA systems are used in nuclear power plants, refineries and other industries where PLCs (programmable Logic Controllers) are used. Manufacturer of this kind of system are Siemens, Honeywell, ABB etc.

Such a huge impact of Stuxnet is not a matter of chance. Stuxnet must be made carefully for this purpose. Huge investment might have gone in Stuxnet too.

Looking at the impact and cost of Stuxnet, it would be it's insult if we call Stuxnet a Malware- It's actually the first CYBER WEAPON...

GrahamA | 11 Jan 2012 | 1 comment

Happy new year to you all!

The Symantec LUA team released version 2.3.1 in Dec. Just a quick status update for you in relation to how things have been going since then.

We've seen over 200 successful customer installs/upgrades of LUA 2.3.1 so far and feedback has been very positive.

As a recap, 2.3.1 introduced the following enhancements:

  • The LUA web server service will now automatically restart if it crashes or terminates unexpectedly.
  • LUA will now automatically install and utilise an optimised private Java Runtime Environment (version 1.6 update 27). This also means it is no longer necessary to separately install a public JRE for use by LUA.
  • It is now possible for LUA to automatically run multiple specified distribution tasks after a download task completes.
  • New quick link added to the user interface which allows customers to quickly and easily capture all LUA-related troubleshooting...
Seyad | 14 Sep 2011 | 0 comments

Issue:

Installing NTP on the cluster blocks the communication between Windows Server 2008 Failover cluster nodes
Following the article TECH91154 doesn't resolve the issue.

Cause:

By default, the "Microsoft Failover Cluster Virtual Adapter" (NetFT.sys) uses IPv6 to communicate with other nodes in the cluster. If you have an IPv4 configuration, then IPv6 is tunneled over IPv4 to establish sessions with remote nodes. If IPv6 is completely unavailable in your environment, the nodes will then communicate by IPv4. It is possible to disable IPv6 and still have the cluster function correctly but it is recommended to enable IPv6 with Windows 2008, 2008 R2 Failover clustering.

Reference: For more information about IPv6 on cluster please refer to the below article from "Windows Failover Cluster Team":
...